Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.0.1.
References
Link | Resource |
---|---|
https://lists.apache.org/thread/k01797hyncx53659wr3o72s5cvkc3164 | Mailing List Patch Vendor Advisory |
https://www.debian.org/security/2022/dsa-5153 | Third Party Advisory |
Configurations
History
No history.
Information
Published : 2021-11-03 16:15
Updated : 2024-02-28 18:48
NVD link : CVE-2021-37148
Mitre link : CVE-2021-37148
CVE.ORG link : CVE-2021-37148
JSON object : View
Products Affected
apache
- traffic_server
debian
- debian_linux
CWE
CWE-20
Improper Input Validation